I like to think back on the good old days, when the worst thing Windows might
do to us was crash.
Now we have to defend ourselves against invisible programs that silently take
over our PCs, record our keystrokes to capture our banking passwords,
use our bandwidth to send out junk e-mails that can’t be traced back
to the senders, and then bury us in the spam we receive in turn from all
the other PC users whose machines have been similarly hacked.
Since first alerting you to the release of Windows XP Service Pack 2
(SP2) in the
Aug. 19 issue of the Windows Secrets Newsletter, a number of glitches with
the upgrade have surfaced. This isn’t surprising. As we’ve noted repeatedly,
people are going to have some problems with SP2, one of Microsoft’s most
intrusive and potentially disruptive updates ever. In today’s issue, we’ll
examine some of these concerns.
Microsoft finally released the long-awaited Windows XP Service Pack 2
(SP2) to manufacturing, initiating a set of release-related
activities that will likely continue well into October. SP 2 beta
testers and MSDN Universal and Professional subscribers were the first
to get access to the download on Aug. 6. Since that date, Microsoft has
been staging the release of SP2 to the rest of the world.
Last year, Microsoft released an Office family product called
OneNote. You may not have heard of OneNote, because Microsoft
curiously chose not to include it with any of its Office 2003
product bundles (Standard, Professional, and so on). Or you may have
dismissed this application as one you can do without.
Sometimes, Microsoft's patches really turn my stomach.
This week? It’s the “Windows Task Scheduler” security patch that’s identified as
If you slog through Microsoft's miles and miles of technical discussion, you
might come to the conclusion that poor ol’ Microsoft had fallen victim to yet
another bunch of wily black-hat virus writers. These miscreants do their worst
to lure you to their wicked Web sites in order to infect your poor, unsuspecting
PC with a bogus Windows Task Scheduler job. (The problem afflicts Windows XP,
Windows 2000, and Windows NT 4 if Internet Explorer 6 is installed.)
In the June 17
issue of Brian’s Buzz on Windows, we discussed the promise of Windows XP
Service Pack 2 (SP2) and why you need to evaluate this release before
Microsoft finalizes the product sometime later this summer.
After many agonizing months of development, Microsoft issued on
June 14 its Release Candidate 2 of the major new upgrade, Service Pack 2 (SP2)
for Windows XP. As a “release candidate,” the update is not yet a
supported package that can be installed en masse by Windows users.
(For one thing, it’s never recommended that you install the final software
over a release candidate, even if there’s an uninstall feature for the
beta version.) But it’s getting very close to the “gold” version of the
software that Microsoft will soon be urging all XP users to install.
The recent wave of “phishing” attacks was the primary
subject of Brian’s Buzz on Windows in both my
May 6 and
In a phishing exploit, you receive an official-looking e-mail that appears
to be from an online banking or financial site — perhaps one that you
have an account with. The e-mail says you must “re-confirm” your account details.
If you click the link in the e-mail, you’re sent to an official-looking
Web page that’s actually controlled by thieves. When you type in
your password or credit-card number, the hackers behind the site capture
the information and use it to steal from your account.
The top story of the
May 6 issue
of Brian’s Buzz on Windows revealed that hackers had found a way to hijack
the address bar of Internet Explorer, Netscape, and possibly other browsers.
This exploit makes it appear that you are visiting one site — such as
your online bank — whereas you are actually visiting a bogus site
that just happens to look exactly like your online bank.
Scam artists on the Internet have developed a way to make your browser’s
address bar say that you’re viewing a legitimate Web site — when you’re
actually visiting a malicious site instead. The new technique is known to
affect Microsoft’s Internet Explorer (IE) browser, but also affects the
Netscape browser and possibly others as well.